A worrying 38% of the apps tested contained some kind of malware while 67% featured at least one third-party tracking library. More than eight out of ten leaked IPv6 traffic.This is according to a research team
Why people mainky use VPNs
1.Idea of encryption of traffic due to to security mainly issues
2.Private communications
3.The act that the VPNs encryption can enable bypass website blocks
A study by researchers at CSIRO’s Data 61, University of New South Wales, and UC Berkley, has found that hundreds of VPN apps available from Google Play presented significant security issues including malware, spyware, adware and data leaks.
users look at the number of downloads combined with the ‘star rating’ of apps to work out whether they’re getting a good product and also the comments that arte publicized by recent people who have downloaded the app,something which you can agree with me on. However, the researchers found that among the 283 apps tested, even the highest ranked and most-downloaded apps can carry nasty surprises.
five types of malware detected include: Adware (43%), Trojan (29%), Malvertising (17%), Riskware (6%) and Spyware (5%)
According to the number of installs of these apps, millions of users appear to trust VPN apps despite their potential maliciousness. In fact, the high presence of malware activity in VPN apps that our analysis has revealed is worrisome given the ability that these apps already have to inspect and analyze all user’s traffic with the VPN permission,” the paper reads.
18% of the VPN apps implement tunneling protocols without encryption despite promising online anonymity and security to their users,” they write, adding that 16% of tested apps routed traffic through other users of the same app rather than utilizing dedicated online servers.
“This forwarding model raises a number of trust, security, and privacy concerns for participating users,” the researchers add, noting that only Hola admits to the practice on its website.
And when it comes to the handling of IPv6 traffic, the majority of the apps featured in the study fell short in a dramatic way. Around 84% of the VPN apps tested had IPv6 leaks while 66% had DNS leaks, something the researchers put down to misconfigurations or developer-induced errors.
“Both the lack of strong encryption and traffic leakages can ease online tracking activities performed by inpath middleboxes (e.g., commercial WiFi [Access Points] harvesting user’s data) and by surveillance agencies,” they warn.
POINT OF NOTICE PLEASE:
1.if you are using a VPN carry out your own research online before taking it into usage
2.Sticking with well-known companies that are transparent about their practices is a great start.
3.if an app requests access to sensitive data during the install process for no good reason, get rid of it. 4.if it’s a free app with a free service included, it’s a fair assumption that strings may be attached.